Author Archives: pappp

Twitch Censors Live Metallica Performance with Dorkiest Music Imaginable

Source: Slashdot

Article note: Our copyright system really is completely absurd.

In the year 2000, Metallica drummer Lars Ulrich answered questions from Slashdot's readers. Late Friday night, the AV Club described Metallica's appearance at the opening ceremonies for the (now online) version of Blizzard Entertainment's annual event BlizzCon: The opening ceremonies were being broadcast online, both through the official BlizzCon page, YouTube, and Twitch. And you know what happens when licensed music gets played on the internet, don't you, folks? That's right: Copyright issues! Per Uproxx, the audio of James, Lars, and the boys' performance apparently went out as per usual on YouTube and the BlizzCon page — although the whole thing appears to have been excised from the YouTube upload of the event. But on Twitch... On Twitch, things did not go so well. Which is to say that, even though it was being hosted on the company's official twitchgaming channel, the performance was ominously preceded by a chyron noting that "The upcoming musical performance is subject to copyright protection by the applicable copyright holder." And then this happened.... Can we prove that someone at Twitch intentionally picked the dorkiest, most Zelda forest-ass music imaginable to have Metallica rock their little hearts out to, instead of broadcasting their extremely copyrighted music (and thus having to deal with the possibility of issuing one of their ubiquitous DMCA takedown notices to themselves)? Obviously not.... On the other hand, we can prove that it is extremely funny to watch this happen, especially — as many people have pointed out — since Metallica is at least partially responsible for the restrictive character of many online musical streaming laws that dominate the internet today, after their high-profile campaign against Napster way back at the dawn of the MP3. In other news, Diablo II is being remastered and re-released later this year.

Read more of this story at Slashdot.

Posted in News | Leave a comment

Congress Escalates Pressure on Tech Giants to Censor,Threatening First Amendment

Source: Hacker News

Article note: "For the same reasons that the Constitution prohibits the government from dictating what information we can see and read (outside narrow limits), it also prohibits the government from using its immense authority to coerce private actors into censoring on its behalf." That is a really interesting take. I think I agree with it, but it's the first time I recall seeing it spelled out like that.
Comments
Posted in News | Leave a comment

New malware found on 30,000 Macs has security pros stumped

Source: Ars Technica

Article note: That is some weird high-polish shit to be running no payloads for that long. Escaped experiment? Nation-state actor testing? Someone clever and nefarious waiting for a large reach before they start dropping payloads?
Close-up photograph of Mac keyboard and toolbar.

Enlarge (credit: Jayson Photography / Getty Images)

A previously undetected piece of malware found on almost 30,000 Macs worldwide is generating intrigue in security circles, which are still trying to understand precisely what it does and what purpose its self-destruct capability serves.

Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.

Also curious, the malware comes with a mechanism to completely remove itself, a capability that’s typically reserved for high-stealth operations. So far, though, there are no signs the self-destruct feature has been used, raising the question why the mechanism exists.

Read 10 remaining paragraphs | Comments

Posted in News | Leave a comment

Most Teen Bullying Occurs Among Peers Climbing the Social Ladder

Source: Hacker News

Article note: ...What kind of garbage-ass self-serving model have the "anti-bullying" folks (who conspicuously always seem to be at very least "socially-aggressive" themselves) been using that this is news?
Comments
Posted in News | Leave a comment

Google Workspace for Education storage policy changes

Source: Hacker News

Article note: Uh-oh. I've been RCloning encrypted backups into my academic Google account (Workspaces? Apps? whatever they're branding it this week), I might actually have to pay for my offsite bulk storage if UK starts paying attention to how much storage we use.
Comments
Posted in News | Leave a comment

Pfizer and Moderna vaccines prove 92 percent effective with just 1st dose

Source: The Week: Most Recent Home Page Posts

Article note: Oh hell yes, this makes me feel _very_ good about the 1st dose of Pfizer I got this week (In-person teaching put me oddly high on the list, not complaining).

Just one dose of the Moderna and Pfizer two-shot coronavirus vaccines is seemingly nearly as good two.

In a study published Thursday in the New England Journal of Medicine, a pair of Canadian-based researchers suggested an amendment to the determined efficacy of the Pfizer vaccines after just one shot. While Pfizer and BioNTech reported their vaccine was just 52.4 percent effective at preventing infection after the first dose, the researchers noted that this data includes results from within the first two weeks after inoculation, "when immunity would have still been mounting." After two weeks, that efficacy mounted to 92.6 percent, matching the first-dose efficacy of 92.1 percent reported from the Moderna vaccine as well. After two doses, the Pfizer vaccine is 95 percent effective, and Moderna's is 94 percent.

The Canadian-based researchers' interpretations of the Pfizer results led them to suggest in the letter that vaccine distributors delay giving people the second dose. This would let distributors get first doses to more at-risk people instead of leaving them "completely unprotected" — something the researchers called "a matter of national security that, if ignored, will certainly result in thousands of COVID-19–related hospitalizations and deaths this winter in the United States."

Another study from January led Pfizer and BioNTech to say Wednesday that they are unsure if the vaccine will be effective at protecting against the B.1.351 variant first found in South Africa. The study published in the New England Journal of Medicine found the vaccine was still capable of neutralizing the virus within the B.1.351 strain, and that trials haven't shown the variant reduces the vaccine's protection in people. Still, the companies may end up creating a booster shot to ensure the vaccine remains effective against the highly transmissible strain.

Posted in News | Leave a comment

Facebook news ban is “arrogant,” Australia will not be “intimidated,” PM says

Source: Ars Technica

Article note: Man do I hate being in the position of agreeing with something obnoxious Facebook does, but pay-to-link is a big problem for the Internet, governments being coerced to set up protection rackets for entrenched fourth estate entities (basically by and for Rupert Murdoch) is also a big problem for society, and we should vigorously nip that shit in the bud.
News is still very much happening both around the world and in Australia... but you wouldn't know it if you're one of the tens of millions of Australian Facebook users.

Enlarge / News is still very much happening both around the world and in Australia... but you wouldn't know it if you're one of the tens of millions of Australian Facebook users. (credit: Brent Lewin | Bloomberg | Getty Images)

A long-simmering battle between tech firms and the government of Australia became explosive yesterday when Facebook announced that it would block all linking of news publications inside the country. Not only has this change affected Australian and international news publishers, but Facebook's wide net has also caught up governments, nonprofits, and basically anyone else in Australia who posts non-news content to the platform.

Australian lawmakers have been considering a bill that would require Internet platforms such as Google and Facebook ("digital platform corporations") to negotiate in good faith with news outlets ("registered news business corporations") to link to their content. If the outlets and the platforms can't reach a deal on their own, they would have to go to baseball-style arbitration, where a neutral third-party arbitrator would decide whose offer is the better one.

The bill would at first apply to only two companies: Google and Facebook. Both, as you might expect, have expressed consistent opposition to the bill. (Microsoft, operator of remote second-place search engine Bing—which captures between 2 and 3 percent of the market—does not oppose the rules that would apply to its largest competitor.)

Read 12 remaining paragraphs | Comments

Posted in News | Leave a comment

Nvidia announces mining GPUs, cripples hash rate of RTX-3060

Source: Hacker News

Article note: Bahahaha. Nvidia is trying to cripple their drivers to get cryptominers off their gaming line and on to "dedicated" (marked up) parts. Same tier of skeezy as when they altered their driver license to try to force people lured by CUDA dependencies and cheap GPUs for compute onto artificially-differentiated compute parts (I bet this latest crippling will also be a problem for compute users). This is going to have a bunch of motivated hackers reverse engineering in their visibly-shitty drivers and firmware, and it's not going to go well for them.
Comments
Posted in News | Leave a comment

Fuzix: Unix on a Raspberry Pi Pico #RaspberryPiPico #Unix @hjalfi

Source: adafruit industries blog

Article note: Fuckin' cool. An only slightly feeble V7 clone on the Pico. Also, I find their notes about the Pico's C SDK very promising - I've been thinking about where I'd like to move UK's intro embedded lab long term and the quality and simplicity of documentation makes the Pico suddenly kind of appealing. We're on Keil in legacy mode which is foul + TI TivaC Cortex M4 right now because there is a good, cheap book for it, major contenders ST CubeIDE + STM32 or TI CCS + TivaC, but maybe I should be looking at the Pico.

David Given blogs about porting Fuzix, a small V7 Unix clone, to the new Raspberry Pi Pico microcontroller:

Working with the Pico was an experience: the documentation is excellent, as is the C SDK. The SDK provides a set of libraries which are thin wrappers around the underlying hardware, making most features utter simplicity to use. Unlike the ESP8266’s libraries, the Pico SDK is unopinionated and doesn’t require you to use any of its features: if you want to talk directly to the hardware, you can (and in fact there’s library support for doing just this).

There are some high-level features like a heap, stdio emulation, multicore primitives, etc which I’m not using, but if you don’t use them you don’t pay for them. For my embedded-systems brain it’s the ideal ratio of functionality to complexity.

The Fuzix port provides:

  • user binaries using up to 64kB of code and data each (this could be expanded, as there’s plenty of spare RAM)
  • up to 15 processes
  • a proper Unix filesystem
  • SD card support, used for both the filesystem and swap space
  • serial console on UART0
  • the full set of Fuzix core binaries work — fsck, Bourne shell, the standard Unix tools, a vi clone, etc, plus some simple games

If you’re looking for the source code, I’m currently upstreaming it piece by piece to the main FUZIX repository. Until that’s done, look in my own fork.

If you just want a binary to flash and try for yourself, here’s one: Raspberry Pi Pico Fuzix binaries

Poorly put-together, bugridden and unsupported Fuzix binaries for the Raspberry Pi Pico. Instructions are enclosed, more or less.

See more in the post here.

Posted in News | Leave a comment

New type of supply-chain attack hit Apple, Microsoft and 33 other companies

Source: Ars Technica

Article note: Oh this is super dumb. Automatic dependency management tools, which are always a clusterfuck, automatically matching malicious packages uploaded in the public namespace over top of internal company-use packages whose names are easily inferred.
New type of supply-chain attack hit Apple, Microsoft and 33 other companies

Enlarge (credit: Getty Images)

Last week, a researcher demonstrated a new supply-chain attack that executed counterfeit code on networks belonging to some of the biggest companies on the planet, Apple, Microsoft, and Tesla included. Now, fellow researchers are peppering the Internet with copycat packages, with more than 150 of them detected so far.

The technique was unveiled last Tuesday by security researcher Alex Birsan. His so-called dependency confusion or namespace confusion attack starts by placing malicious code in an official public repository such as NPM, PyPI, or RubyGems. By giving the submissions the same package name as dependencies used by companies such as Apple, Microsoft, Tesla, and 33 other companies, Birsan was able to get these companies to automatically download and install the counterfeit code.

Automatic pwnage

Dependencies are public code libraries or packages that developers use to add common types of functionality to the software they write. By leveraging the work of thousands of their open source peers, developers are spared the hassle and expense of creating the code themselves. The developer’s code automatically downloads and incorporates the dependency, or any update to it, either from the developer’s local computer or from a public repository.

Read 14 remaining paragraphs | Comments

Posted in News | Leave a comment